<html>
<head><title>Registration Page</title></head>
<body>
<%
String loginName = request.getParameter("loginName");
String pw1 = request.getParameter("pw1");
String pw2 = request.getParameter("pw2");
String email = request.getParameter("email");
boolean failure = true;
boolean blank = false;
boolean check = true;
if(loginName == null && pw1 == null && pw2 == null && email == null)
	blank = true;
else if(loginName.equals(""))
{
	out.println("LoginName is blank");
	out.println("<br>");
	check = false;
}
else if (pw1.equals("") || pw2.equals(""))
{
	out.println("Either one of the Password is blank");
	out.println("<br>");
	check = false;
	
}
else if (!pw1.equals(pw2))
{
	out.println("The passwords are not the same");
	out.println("<br>");
	failure = true;
	check = false;
}
%>

<%-- Import the java.sql package --%>
            <%@ page import="java.sql.*"%>
            <%-- -------- Open Connection Code -------- --%>
<%
if(check && !blank)
{
            Connection conn = null;
            PreparedStatement pstmt = null;
            ResultSet rs = null;
            
            try {
                // Registering Postgresql JDBC driver with the DriverManager
                Class.forName("org.postgresql.Driver");

                // Open a connection to the database using DriverManager
                conn = DriverManager.getConnection(
                    "jdbc:postgresql://localhost/admissions?" +
                    "user=postgres&password=27428572");
%>
	<%
	
	boolean dataCheck = true;
	Statement stmt = conn.createStatement();
	rs = stmt.executeQuery("SELECT user_id FROM users WHERE user_name='"+loginName+"'"); 
	if(rs.next())
	{	
		out.println("User Name is repeated. Please try another login Name");
		out.println("<br>");
		dataCheck = false;
	}
	rs = stmt.executeQuery("SELECT user_id FROM users WHERE email=md5('"+email+"')");
	if(rs.next())
	{
		out.println("The email is being used, please try another one");
		out.println("<br>");
		dataCheck = false;
	}
	if(dataCheck)
	{
		pstmt = conn.prepareStatement("INSERT INTO users (user_name,password,email) VALUES (?,md5(?),md5(?))");
		pstmt.setString(1,loginName);
		pstmt.setString(2,pw1);
		if(email.equals(""))
		pstmt.setString(3,null);
		else
			pstmt.setString(3,email);
		pstmt.executeUpdate();
		pstmt = conn.prepareStatement("INSERT INTO user_roles(user_ref,user_name,role) VALUES (?,?,?)");
		rs = stmt.executeQuery("SELECT user_id from users WHERE user_name ='"+loginName+"'");
		rs.next();
		pstmt.setInt(1,rs.getInt(1));
		pstmt.setString(2,loginName);
		pstmt.setString(3,"student");
		pstmt.executeUpdate();
		failure = false;
		out.println("Registration is compleleted, please go back to the main page and relogin your account");
		%>
		<p><a href="invalidate.jsp">Main Page</a></p>
		<%
	}
	%>

<%}

			catch (SQLException e){
				throw new RuntimeException(e);
			}

finally{
		if(rs != null){
					try{ 
						rs.close();
					}catch (SQLException e){ }
					rs = null;
				}
				if(pstmt != null){
					try{
						pstmt.close();
					}catch(SQLException e){}
					pstmt = null;
				}
				if(conn != null){
					try{
						conn.close();
					}catch (SQLException e) { }
					conn = null;
				}

		}
}
%>
<%
if(failure|| blank)
{
%>
<p/>
<Form Method="GET" ACTION="registration.jsp">
User Name : 
<INPUT TYPE="TEXT" SIZE="20" NAME="loginName"/><p/>
PassWord : 
<INPUT TYPE="TEXT" SIZE="20" NAME="pw1"><p/>
Retype Password :
<INPUT TYPE="TEXT" SIZE="20" NAME="pw2"><p/>
Email : 
<INPUT TYPE="TEXT" SIZE="40" NAME="email"><p/>
<INPUT TYPE="SUBMIT" VALUE="Submit"/>
</Form>
<p>	<a href="../admission/invalidate.jsp">Invalidate Session</a></p><%
}
%>
</body>
</html>
